mirrors/wireproxy
1
0
Fork 0
mirror of https://github.com/whyvl/wireproxy.git synced 2025-04-29 19:01:42 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

Fix crash when landlock ABI is outdated

Browse source
This commit is contained in:
pufferffish 2024-04-13 02:33:43 +01:00
parent f54319b736
commit d40aa7f725
1 changed files with 3 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

6
cmd/wireproxy/main.go
View file

@ -62,7 +62,7 @@ func lock(stage string) {
// also remove unveil permission to lock unveil
pledgeOrPanic("stdio rpath inet dns proc exec")
// Linux
panicIfError(landlock.V4.BestEffort().RestrictPaths(
panicIfError(landlock.V1.BestEffort().RestrictPaths(
landlock.RODirs("/"),
))
case "boot-daemon":
@ -75,7 +75,7 @@ func lock(stage string) {
pledgeOrPanic("stdio inet dns")
// Linux
net.DefaultResolver.PreferGo = true // needed to lock down dependencies
panicIfError(landlock.V4.BestEffort().RestrictPaths(
panicIfError(landlock.V1.BestEffort().RestrictPaths(
landlock.ROFiles("/etc/resolv.conf"),
landlock.ROFiles("/dev/fd"),
landlock.ROFiles("/dev/zero"),
@ -136,7 +136,7 @@ func lockNetwork(sections []wireproxy.RoutineSpawner, infoAddr *string) {
}
}
panicIfError(landlock.V4.RestrictNet(rules...))
panicIfError(landlock.V4.BestEffort().RestrictNet(rules...))
}
func main() {